Presentation is loading. Please wait.

Presentation is loading. Please wait.

Key Challenges in DRM: An Industry Perspective

Published byMárta Kozma Modified over 5 years ago

Similar presentations

Presentation on theme: "Key Challenges in DRM: An Industry Perspective"— Presentation transcript:

1 Key Challenges in DRM: An Industry Perspective
Brian A. LaMacchia (Microsoft Corporation) Lecture Notes in Computer Science ACM DRM 2002

2 Outline Three key challenges in DRM Authoring policy expression
Expressiveness, comprehensiveness, interoperability Current rights-language initiatives Evaluating policy expression Usability vs. complexity Projecting policy expressions with confidence into remote environment Attestable TCB (trusted computation bases) Current TCB initiatives Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 2

3 Building Blocks of A DRM System
Digital Rights Management (DRM) Integrity Checking Access Control Credential Authentication Copy Control Transaction Tracking Rule Specification Digital Management of Rights Management of Digital Rights Cryptography Watermarking Rights Language Hashes and protocols Block cipher Public-key encryption/decryption Media specific techniques Fingerprinting REL XrML DRM Policy Management System Rights Language Rights Evaluator Trusted Computing Base Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 3

4 Why a Rights Languages Is a Must?
Requirements of policy expression The language must be sufficiently expressive to allow users (content owners, distributors and consumers) to write the types of policies they wish The language must be easy enough for reason about and communicate content policies. Statements from many different sources must preserve a certain level of interoperability A general-purpose rights expression languages is what we want A type of policy authorization language where the focus of the language is on expression and transferring rights from one party to another in an interoperable format Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 4

5 Various Rights Language Initiatives
XrML - XML Rights Management Language Rights Expression Language (REL) and Rights Definition Dictionary (RDD) in MPEG-21 RLTC in OASIS ODRL - Open Digital Rights Language Adopted by OMA (Open Mobile Alliance) XACML – OASIS eXtensible Access Control Markup Language XMCL – the eXtensible Media Commerce Language Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 5

6 XrML Descendant of Dr. M. Stefik’s DPRL (Digital Property Rights Language) In 2000, the data model of DPRL was converted to XML. The resulting language, together with some language extensions, was named XrML 1.0 ContentGuard released XrML 2.0 in November 2001 Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 6

7 XrML 2.0 Data Model: Grant Grant
Principle – the identification of a party to whom rights are granted. Resource – the object to which the Principle can be granted a Right Right – the verb that a Principle can exercise against some Resource under some Condition Condition – terms, conditions and obligations under which rights can be exercised Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 7

8 XrML 2.0 Data Model: License
A set of Grants Identification information of license issuers Additional information Description of the License Validity date Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 8

9 XrML 2.0: Structures Chun-Hsiang Huang ,DSP Group, CMLab,
Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 9

10 XrML 2.0: A Minimal Example
The holder of the key possess the name of Alice Richardson Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 10

11 XrML 2.0: Features Trust Model
patterns, variables and quantifiers are included prerequisite rights Confidentiality Web service specification Pattern matching Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 11

12 The Most Challenging Issue
Using rights languages to represent liability-based systems through explicit expressions of rights Policy evaluators always want expressions can be evaluated and determined to be true facts or false statements Evaluating laws often needs a fact-finder to balance competing interests Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 12

13 Evaluating Policy Expressions
A DRM policy evaluator decides for each requested access whether the relevant policy allows it to occur Is just an instance of a robust-general purpose trust management engine The set of the resources to be protected is the entire set of content potentially available to the client over the network The set of objects that a DRM system want to manage is unbounded, thus human reasoning suffers and the implementation cost is too high. The need for good user interface for describing and configuring trust management policies is still an open work area for DRM system policy evaluators. Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 13

14 Projecting Policy Expressions with Confidence into Remote Environments
Most DRM systems have to operate on multiple nodes in a network Content provider will not distribute their works to “hostile” platforms Users will never reveal their private information to suspicious remote system Solutions Security protocols grounded in trusted computing bases Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 14

15 Trusted Computing Bases
Trusted computing platforms Platforms that will operate correctly and behave in accordance with their design parameters A TCB cannot violate the policy it is supposed to enforce Attestability An attestable TCB is a TCP that is able to convince a remote party that its is running and behaving according to some specification Current industry initiatives Trusted Computing Group – many vendors Palladium – Microsoft Both initiatives adopted HW-based public-key cryptography to generate attestations about software Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 15

16 TCG Trusted Computing Group https://www.trustedcomputinggroup.org/
An industry standards body, comprised of computer and device manufacturers, software vendors, and others with a stake in enhancing the security of the computing environment across multiple platforms and devices The TCPA (the former name of TCG) was founded 1999 by Compaq, HP, IBM, Intel and Microsoft. In the meantime around 200 companies joined them. You will find Adobe, AMD, Fujitsu-Siemens, Gateway, Motorola, Samsung, Toshiba and many other well known companies. IBM already sells first desktops and notebooks with integrated TPM. Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 16

17 Implementations of Trusted Platform
Every computer will have a hardware component , built-in on the motherboard, computing SHA1 hash values of software stack of interest. TCG: Trusted Platform Module, also known as Fritz-Chip Palladium: Security Support Component A RSA-based digital signature over the hash function is then created. The digital signature together with whatever certifications the third party provided for the signing key forms the attestation. The integrity of the hardware is important Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 17

18 Another Viewpoint: Against-TCPA
Consequence of Trusted Computing Base The informational self-determination will never exist anymore. It is not possible to save, copy, create, program, ..., the data like you want. This applies for privates as for companies The free access to the IT/Software market is completely prevented for anyone except the big companies Restrictions in the usage of owned hardware would apply The liberty of opinion and the free speech on the internet would finally be eliminated The national self-determination of the particular countries would be fully in the hands of the USA Probably the world would break into two digital parts (Countries that express against TCPA) Chun-Hsiang Huang ,DSP Group, CMLab, Dept. of Computer Science and Information Engineering, NTU  2019/4/10 P. 18

Download ppt "Key Challenges in DRM: An Industry Perspective"

Similar presentations

ContentGuard An Intellectual Property Company IPED Conference November 1, 2007 Presented By Eddie Chen CONTENTGUARD.

ContentGuard An Intellectual Property Company IPED Conference November 1, 2007 Presented By Eddie Chen CONTENTGUARD.
IST- 2001-320015 3rd OA-Forum Workshop - Networking Multimedia Resources | 27-29th March 2003, Berlin Technological Copyright Enforcement and Open Access.

IST rd OA-Forum Workshop - Networking Multimedia Resources | 27-29th March 2003, Berlin Technological Copyright Enforcement and Open Access.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Vpn-info.com.

Vpn-info.com.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Security of Digital Rights Management Systems Hugo Jonker

Security of Digital Rights Management Systems Hugo Jonker
TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.

TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.
Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006.

Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
SEC316: BitLocker™ Drive Encryption

SEC316: BitLocker™ Drive Encryption
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002.

Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Similar presentations

Ads by Google